Timothy C. Williams 



Serial No.: 09/933,760 



Amendments to the Claims: 

The listing of claims will replace all prior versions, and listings of claims in the application. Please 
amend/cancel/add the claims as follows: 

Listing of Claims : 

Claims 1-24 (Canceled). 

Claim 25 (Previously Amended): A multi-level secure network having a plurality of host computers 
accessible to users and connected to a network medium that has access to an untrusted line, the secure 
network comprising: 

a network security controller for generating a plurality of user profiles for a single user identifier 
that a user inputs to allow access to the network and for sending one of said plurality of user profiles 
associated with the user identifier to security devices connected to the network medium, each of said user 
profiles defining at least one of a plurality of destinations which the user is authorized to access through 
discretionary access control and mandatory access control security mechanisms, wherein a plurality of user 
profiles define virtual private networks of communication comprising subsets of host computers; and, 

security systems associated with host computers connected to the network medium for 
receiving said plurality of user profiles, associated with the single user identifier, generated at the network 
security controller as selected by the user and for implementing security mechanisms associated with the user 
profiles, each security system associated with one host computer, each security system having an 
authorization system for authorizing user identifiers at the associated host computer as inputted by a user, the 
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security device permitting the authorized user, via the associated host computer, to select one of said plurality 
of user profiles associated with the user identifier and for restricting access of the host computer to the 
destinations defined in the selected user's profile. 

Claim 26 (Original): The network of claim 25, wherein the at least one destination comprises at 
least one other host computer of the network or the untrusted line. 

Claim 27 (Previously Amended): The network of claim 25, wherein the security system, when 
implementing security mechanisms, allows the host computer to connect to a trusted destination. 

Claim 28 (Previously Amended): The network of claim 25, wherein the security system, when not 
implementing security mechanisms, allows the host computer to connect to an untrusted destination. 

Claim 29 (Original): The network of claim 25, wherein the untrusted line comprises the Internet. 

Claim 30 (Original): The network of claim 25, wherein a user cannot simultaneously communicate 
with a trusted destination and an untrusted destination. 

Claim 31 (Original): The network of claim 25, wherein a user is prevented from simultaneously 
connecting to destinations having different security levels. 

Claim 32 (Original): The network of claim 25, wherein a user can only select one profile at a time. 
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Claim 33 (Canceled) 

Claim 34 (Original): The network of claim 25, wherein security is implemented at a network layer of 
protocol hierarchy. 

Claims 35 - 36 (Cancelled) 

Claim 37 (Previously Amended): The network of claim 25, wherein the security systems are 
integrated with the associated host computer. 

Claim 38 (Previously Amended): A method for operating a multi-level secure network having a 
plurality of host computers accessible to users through input of a single user identifier and a network security 
controller, each of which are connected to a network medium that has access to an untrusted line, the method 
comprising: 

generating at the network security controller a plurality of user profiles for each user identifier 
inputted by a user, each of said user profiles defining at least one of multiple destinations which the user is 
authorized to access through discretionary access control and mandatory access control security mechanisms, 
to define virtual private networks of communication comprising subsets of host computers; 

authorizing a user identifier that a user inputs at a host computer; 

permitting, at the host computer, the authorized user to select one of said plurality of user 
profiles associated with the user identifier; 
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sending one of said plurality of user profiles from said network security controller, as selected 
by the authorized user, to said host computer; and 

restricting access of the host computer to the destinations defined in the selected user's 

profile. 

Claim 39 (Previously Amended): The method of claim 38, wherein each of the destinations comprise 
other host computers of the network or the untrusted line. 

Claim 40 (Previously Amended): The method of claim 38, further comprising the step of implementing 
a security mechanism to enable the host computer to connect to a trusted destination. 

Claim 41 (Original): The method of claim 38, further comprising the step of not implementing security 
mechanisms when the host computer connects to an untrusted destination. 

Claim 42 (Original): The method of claim 38, wherein the untrusted line comprises the Internet. 

Claim 43 (Original): The method of claim 38, wherein a user cannot simultaneously communicate with 
a trusted destination and an untrusted destination. 

Claim 44 (Original): The method of claim 38, wherein a user is prevented from simultaneously 
connecting to destinations having different security levels. 
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Claim 45 (Original): The method of claim 38, wherein a user can only select one profile at a time. 
Claim 46 (Canceled) 

Claim 47 (Original): The method of claim 38, wherein security is implemented at a network layer of 
protocol hierarchy. 

Claim 48 (Cancelled) 

Claim 49 (Original): The method of claim 38, wherein the destination in a user's profile correspond to 
a level of security granted the user. 

Claims 50 - 58 (Cancelled) 

Claim 59 (Previously Amended): The secure network of claim 25 wherein said network security 
controller includes means for sending updated user profiles to said security systems. 

Claims 60 - 68 (Cancelled) 
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Claim 69 (Previously Amended): A method for controlling a sending computer to transmit information 
to a receiving computer over a computer network, the method comprising: 

providing a security system at each sending computer and receiving computer; 

setting user identification information at each security system for enabling a user to access the 
computer associated with the security system; 

setting a plurality of user profiles at one or more of the security systems to enable a user, 
based on a user's user identifier, to select one of said plurality of user profiles, each user profile defining one or 
more destinations that the user is authorized to communicate with; 

providing a network security controller on said computer network for receiving from said 
security system the identification of an authorized user identifier and the selected user profile and for 
forwarding the selected user profile to the security system for said authorized user identifier, including providing 
discretionary access control and mandatory access control policies for each user profile; 

receiving information to be transmitted from the sending computer to the receiving computer at 
the sending computer security system; 

implementing security mechanisms at a network layer of ISO protocol hierarchy to determine 
whether communication is authorized from the sending computer to the receiving computer by determining if 
the receiving computer is in a transmit list and consistent with a transmit security window through discretionary 
access control and mandatory access control, respectively and, if either condition is not satisfied then 
terminating the transmission of information and sending termination notice to the network security controller, 
otherwise encrypting the information to be transmitted; and 
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transmitting the encrypted information to the security system of the receiving computer over 
the computer network. 

Claim 70 (Previously Amended): The method of claim 69 further comprising the step of changing user 
profiles at the network security controller and updating available user profiles at a security system. 

Claim 71 (Previously Amended): The method of claim 69 further comprising the step of auditing the 
termination of transmission of information at the network security controller 

Claim 72 (Cancelled) 

Claim 73 (Previously Amended): The method of claim 69 wherein said computer network includes the 

Internet. 

Claim 74 (Currently Amended): The method of claim 69 wherein each security deviee -system p revents 
simultaneous connection at different security levels established by mandatory access controls. 

Claim 75 (Currently Amended): The method of claim 69 wherein each security deviee- system p revents 
simultaneous connection to trusted and untrusted networks. 

Claims 76 -84 (Cancelled) 
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Claim 85 (Previously Amended): The network of claim 25 wherein said security systems include 
means for enabling a plurality of user profiles to be set for a single user identifier. 

Claim 86 (Previously Amended): The network of claim 85 wherein said plurality of user profiles to be 
set for a single user identifier is specific to a particular host computer associated with the security system. 

Claim 87 (Previously Amended): The network of claim 85 wherein at least one of said plurality of user 
profiles enables access to a plurality of destinations. 

Claim 88 (Cancelled) 

Claim 89 (Previously Amended): The network of claim 88 wherein said network security controller 
enables the security officer to generate different user profiles at different security systems for a single user 
identifier. 
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